spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Reputation Services and HELO/EHLO Checking For Unified SPF

2004-07-04 03:53:02
from [Karl Prince] [Permanent Link] 
On Sun, 04 Jul 2004 11:08:16 +0100, Graham Murray wrote:

Karl Prince <spf(_dot_)pobox(_at_)princeweb(_dot_)com> writes:


* What I was trying to say (and still struggling to do 
eloquently), is that coz of the current state of SMTP, it has 
been historically very easy (and cheap) to have vanity domain 
email. However as we more to a more secure/trustworthy SMTP 
system, this will cease to be the case, and (vanity) domain 
owners are likely to have to spend more than just a 
registration fee to have their mail accepted.


Why? Surely all that should be necessary is to publish SPF (or MARID)
DNS records that indicate the MTAs which will be sending their mail
and either running their own MTA or using SMTP-AUTH to connect with
the MTA which will send the mail. None of which should cost much and
in many cases will be free.


The context of the original post has been lost on way, which 
was about shared MTA's (trustworthy or not), use of SMTP AUTH, 
and limiting domain names to nominated accounts.

Whether an ISP would be able to easily verify if an account 
should be allowed to send email from domain a user has 
requested is the problem I noted. IMHO the easier and better 
(short term) solution is to have the DNS provider provide the 
service since they "know" the domain owner, but for this there 
will probably be a charge.

For ISP's to provide this service, there need to be an easy 
(automagic) way for them to verify the user is authorised to 
send email for a domain, whois contact address maybe, though 
better have a strong password for that SMTP AUTH. ISPS doing 
this would be good, particularly if they did not charge.



Also, in terms of traceability and accountability, would it not be
better for all ISP customers to have their own domain, either
commercial or 'vanity', rather than using xxxx(_at_)isp(_dot_)com email
addresses?


Are you a DNS registrar? only joking.

By commerical I assume you mean "the demon solution", with 
subdomains of the ISPS own.

I think all three would be traceable and accountable in a 
future world with secure & trustworthy SMTP.

IMHO the best thing about vanity domains is portability


______________________________________________________________
Email via Mailtraq4Free from Enstar (www.mailtraqdirect.co.uk)
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re[2]: ISP migration information, Chris Drake
Next by Date:  Re: Re[2]: False positives, Karl Prince
Previous by Thread:  Re: Reputation Services and HELO/EHLO Checking For Unified SPF, Graham Murray
Next by Thread:  RE: Reputation Services and HELO/EHLO Checking For Unified SPF, Seth Goodman
Indexes:  [Date] [Thread] [Top] [All Lists]